Re-auth'ing with Google Oauth shouldn't rm roles (#52)

* Re-auth'ing with Google Oauth shouldn't rm roles

* bump version

Author: m4wh6k

VERSION

@@ -1 +1 @@
-0.8.9
+0.8.10

src/boardwalkd/server.py

@@ -310,16 +310,19 @@ async def get(self, *args: Any, **kwargs: Any):
                 return self.send_error(400)
 
             # If we get this far we know we have a valid google user
-            try:
-                state.users[user["email"]] = User(email=user["email"])
-            except ValidationError as e:
-                app_log.error(e)
-                return self.send_error(422)
-            state.flush()
+            username = user["email"]
+
+            if username not in state.users:
+                try:
+                    state.users[username] = User(email=username)
+                except ValidationError as e:
+                    app_log.error(e)
+                    return self.send_error(422)
+                state.flush()
 
             self.set_secure_cookie(
                 "boardwalk_user",
-                user["email"],
+                username,
                 expires_days=self.settings["auth_expire_days"],
                 samesite="Strict",
                 secure=True,